The following issues were found
lib/if2ip.h
1 issues
Line: 52
Column: 5
CWE codes:
119
120
Suggestion:
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length
#define IFNAMSIZ 16
#define IFHWADDRLEN 6
union {
char ifrn_name[IFNAMSIZ]; /* if name, e.g. "en0" */
} ifr_ifrn;
union {
struct sockaddr ifru_addr;
struct sockaddr ifru_broadaddr;
Reported by FlawFinder.
lib/http_ntlm.c
1 issues
Line: 78
Column: 15
CWE codes:
126
state = proxy ? &conn->proxy_ntlm_state : &conn->http_ntlm_state;
if(checkprefix("NTLM", header)) {
header += strlen("NTLM");
while(*header && ISSPACE(*header))
header++;
if(*header) {
Reported by FlawFinder.
lib/strcase.h
1 issues
Line: 46
Column: 48
CWE codes:
126
/* checkprefix() is a shorter version of the above, used when the first
argument is zero-byte terminated */
#define checkprefix(a,b) curl_strnequal(a,b,strlen(a))
void Curl_strntoupper(char *dest, const char *src, size_t n);
void Curl_strntolower(char *dest, const char *src, size_t n);
#endif /* HEADER_CURL_STRCASE_H */
Reported by FlawFinder.
lib/http_chunks.h
1 issues
Line: 89
Column: 3
CWE codes:
119
120
Suggestion:
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length
curl_off_t datasize;
ChunkyState state;
unsigned char hexindex;
char hexbuffer[ CHUNK_MAXNUM_LEN + 1]; /* +1 for null-terminator */
};
/* The following functions are defined in http_chunks.c */
void Curl_httpchunk_init(struct Curl_easy *data);
CHUNKcode Curl_httpchunk_read(struct Curl_easy *data, char *datap,
Reported by FlawFinder.
lib/hostip4.c
1 issues
Line: 135
Column: 3
CWE codes:
119
120
Suggestion:
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length
#if defined(HAVE_GETADDRINFO_THREADSAFE)
struct addrinfo hints;
char sbuf[12];
char *sbufptr = NULL;
memset(&hints, 0, sizeof(hints));
hints.ai_family = PF_INET;
hints.ai_socktype = SOCK_STREAM;
Reported by FlawFinder.
tests/unit/unit1396.c
1 issues
Line: 105
Column: 19
CWE codes:
126
char *out = curl_easy_escape(hnd, list2[i].in, list2[i].inlen);
abort_unless(out != NULL, "returned NULL!");
outlen = (int)strlen(out);
fail_unless(outlen == list2[i].outlen, "wrong output length returned");
fail_unless(!memcmp(out, list2[i].out, list2[i].outlen),
"bad output data returned");
printf("curl_easy_escape test %d DONE (%s)\n", i, out);
Reported by FlawFinder.
lib/hash.h
1 issues
Line: 63
Column: 3
CWE codes:
119
120
Suggestion:
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length
struct Curl_llist_element list;
void *ptr;
size_t key_len;
char key[1]; /* allocated memory following the struct */
};
struct Curl_hash_iterator {
struct Curl_hash *hash;
int slot_index;
Reported by FlawFinder.
lib/hash.c
1 issues
Line: 92
Column: 5
CWE codes:
120
Suggestion:
Make sure destination can always hold the source data
key_len);
if(he) {
/* copy the key */
memcpy(he->key, key, key_len);
he->key_len = key_len;
he->ptr = (void *) p;
}
return he;
}
Reported by FlawFinder.
lib/easy.c
1 issues
Line: 198
Column: 6
CWE codes:
807
20
Suggestion:
Check environment variables carefully before using them
init_flags = flags;
#ifdef DEBUGBUILD
if(getenv("CURL_GLOBAL_INIT"))
/* alloc data that will leak if *cleanup() is not called! */
leakpointer = malloc(1);
#endif
return CURLE_OK;
Reported by FlawFinder.
lib/vtls/vtls.h
1 issues
Line: 57
Column: 14
CWE codes:
327
Suggestion:
Use a more secure technique for acquiring random values
int connindex);
/* return 0 if a find random is filled in */
CURLcode (*random)(struct Curl_easy *data, unsigned char *entropy,
size_t length);
bool (*cert_status_request)(void);
CURLcode (*connect_blocking)(struct Curl_easy *data,
struct connectdata *conn, int sockindex);
Reported by FlawFinder.